摘要
针对当前互联网中亟需解决的安全路由技术展开研究,在综合考虑节点身份和交互行为的基础上,引入一种基于动态贝叶斯网络的可信度量模型,将此模型应用于开放式最短路径优先路由协议,同时结合基于组合公钥的安全认证技术,提出了一种新的安全链路状态路由协议,能够为信息传输选择高安全可信的路径.仿真实验通过模拟拒绝服务攻击,验证了在同等条件下新安全链路状态路由协议在增强安全可信性的同时,并未显著增加协议的开销和复杂性,且在遭受网络攻击时具有较好的时效性和动态自适应能力,能够有效抑制异常实体的威胁.
To develop secure routing technology for the current Internet, a trusted measurement model based on dynamic Bayesian networks (TMMDBN) is introduced by taking both node identity and its interaction into account. Combining the security authentication technology based on the combined public key (CPK), a new secure link state routing protocol(SLSRP) is proposed by applying the model to the OSPF protocol, which can determine a high security and trusted path for data transinission. Simulation results show that SLSRP achieves a much better security performance than OSPF with little increase in signaling overhead and computational complexity. Moreover, SLSRP has an adaptive capability and can quickly react to the denial of the service attack, which can effectively suppress the threat of an abnormal entity.
作者
梁洪泉
吴巍
LIANG Hongquan WU Wei(Science and Technology on Information Transmission and Dissemination in Communication Networks Laboratory, Shijiazhuang 050081, China The 54th Research Institute of China Electronics Technology Group Corporation, Shijiazhuang 050081, China)
出处
《西安电子科技大学学报》
EI
CAS
CSCD
北大核心
2016年第5期121-127,共7页
Journal of Xidian University
基金
国家部委基金资助项目(B1120131046)
国家高技术研究发展计划("863"计划)资助项目(2015A015701)
关键词
可信度量
动态贝叶斯网络
组合公钥
可信平台模块
网络安全
trusted measurement
Bayesian networks
combined public key
trusted platform module
network security
